I had a similar problem when moving to a newer version, the
prior had run as root and logged to files in /var/log, the
new version running as non-root couldn't do so.
I created a subdirectory, and moved the logging in named.conf
down one level, which you already have, but I set the owner of
the subdirectory to the user running the daemon.
Did that not work for you, or is there some other obstruction?
On Fri, Oct 11, 2013 at 10:31:35AM +0200, Pawe? Ch. wrote:
> Hi list,
>
> I would like to setup fail2ban service on debina 6.0. I must setup bind
> logging. My bind server can't log into /var/log/named/security.log
>
> # cat named.conf.options
> //acl for manchines in dmz100.local network
> acl dmz { 10.0.0.0/24; };
>
> options {
> allow-query { none; };
> allow-query-cache { none; };
> directory "/var/cache/bind";
> notify no;
> recursion no;
> additional-from-cache no;
>
> auth-nxdomain no; # conform to RFC1035
> listen-on-v6 { any; };
>
> version "9.3.4-P1";
> };
>
> logging {
> channel security_file {
> file "/var/log/named/security.log" versions 3 size 30m;
> severity dynamic;
> print-time yes;
> };
> category security {
> security_file;
> };
> };
>
> Thanks
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
---
Brian R Cuttler brian.cutt...@wadsworth.org
Computer Systems Support (v) 518 486-1697
Wadsworth Center (f) 518 473-6384
NYS Department of Health Help Desk 518 473-0773
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
